Collaborate Disseminate
The Preempt research team found two critical Microsoft vulnerabilities that consist of three logical flaws in NTLM, the company’s proprietary authentication protocol. These vulnerabilities allow attackers to remotely execute malicious code on any Windo… Continue reading Critical Microsoft NTLM vulnerabilities allow remote code execution on any Windows machine
Emails delivering RTF files equipped with an exploit that requires no user interaction (except for opening the booby-trapped file) are hitting European users’ inboxes, Microsoft researchers have warned. Exploit delivers backdoor The exploit takes… Continue reading Malware peddlers hit Office users with old but reliable exploit
Recent research revealed that blockchain is set to become ubiquitous by 2025, entering mainstream business and underpinning supply chains worldwide. This technology is set to provide greater transparency, traceability and immutability, allowing people … Continue reading Is there a weak link in blockchain security?
A critical vulnerability in Exim, the mail transfer agent (MTA) deployed on over half of all Internet-facing mail servers, may allow attackers to run commands as the “root” user. About CVE-2019-10149 CVE-2019-10149 was discovered by Qualys … Continue reading Critical Exim flaw exploitable locally and remotely, patch ASAP!
Like many before him, Amit Serper started his cybersecurity career in one of Israel’s intelligence agencies. Nine years later, he left for the private sector: he joined Cybereason, a cyber security company started by former colleagues which speci… Continue reading Trust nothing: A life in infosec is a life of suspicion
In the age of big data, it is easy to think that only machines can detect a signal amid the noise. While it’s true that big data tools can discover signals that might not be obvious, they can also create their own kind of noise in which the true signal… Continue reading An intelligence-driven approach to cyber threats
NSS Labs, the Texas-based company that specializes in testing the world’s security products, has a new CEO. Jason Brvenik, the company’s CTO since early 2017, took over the role from Vikram Phatak, the company’s founder. But, as Brvenik tol… Continue reading Advancing transparency and accountability in the cybersecurity industry
Netflix is a champion of using chaos engineering to improve the resilience of its cloud infrastructure. That’s how it ensures its customers don’t have their Stranger Things binge watching sessions interrupted. Netflix is one of a growing number of comp… Continue reading Embrace chaos to improve cloud infrastructure resilience
Skydivers know that there is a risk their parachute won’t open. Police officers know their daily jobs come with the inherent risk of danger. And private equity firms know there is a risk they won’t realize the expected return on investment in any given… Continue reading Is your private equity firm exposed to these hidden IT risks?
There’s a not a lot of researchers probing the security of computer systems underpinning the maritime industry. The limitations that keep that number low are obvious: both the specialized knowledge and equipment is difficult to come by. And, as K… Continue reading Hack The Sea: Bridging the gap between hackers and the maritime sector